Bump ecdsa crate dependency to v0.13 (#467)

tarcieri · web-flow · commit d85cf8076ae6 · 2021-11-21T12:36:38.000-07:00
diff --git a/.github/workflows/k256.yml b/.github/workflows/k256.yml
@@ -100,38 +100,37 @@ jobs:
       - run: cargo test --release --target ${{ matrix.target }}
       - run: cargo test --release --target ${{ matrix.target }} --all-features
 
-# TODO(tarcieri): re-enable when new `elliptic-curve` and `ecdsa` crates are released
-#  cross:
-#    strategy:
-#      matrix:
-#        include:
-#          # ARM32
-#          - target: armv7-unknown-linux-gnueabihf
-#            rust: 1.56.0 # MSRV
-#          - target: armv7-unknown-linux-gnueabihf
-#            rust: stable
-#
-#          # ARM64
-#          - target: aarch64-unknown-linux-gnu
-#            rust: 1.56.0 # MSRV
-#          - target: aarch64-unknown-linux-gnu
-#            rust: stable
-#
-#          # PPC32
-#          - target: powerpc-unknown-linux-gnu
-#            rust: 1.56.0 # MSRV
-#          - target: powerpc-unknown-linux-gnu
-#            rust: stable
-#
-#    runs-on: ubuntu-latest
-#    steps:
-#      - uses: actions/checkout@v2
-#      - run: ${{ matrix.deps }}
-#      - uses: actions-rs/toolchain@v1
-#        with:
-#          profile: minimal
-#          toolchain: ${{ matrix.rust }}
-#          target: ${{ matrix.target }}
-#          override: true
-#      - run: cargo install cross
-#      - run: cross test --release --target ${{ matrix.target }} --all-features
+  cross:
+    strategy:
+      matrix:
+        include:
+          # ARM32
+          - target: armv7-unknown-linux-gnueabihf
+            rust: 1.56.0 # MSRV
+          - target: armv7-unknown-linux-gnueabihf
+            rust: stable
+
+          # ARM64
+          - target: aarch64-unknown-linux-gnu
+            rust: 1.56.0 # MSRV
+          - target: aarch64-unknown-linux-gnu
+            rust: stable
+
+          # PPC32
+          - target: powerpc-unknown-linux-gnu
+            rust: 1.56.0 # MSRV
+          - target: powerpc-unknown-linux-gnu
+            rust: stable
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - run: ${{ matrix.deps }}
+      - uses: actions-rs/toolchain@v1
+        with:
+          profile: minimal
+          toolchain: ${{ matrix.rust }}
+          target: ${{ matrix.target }}
+          override: true
+      - run: cargo install cross
+      - run: cross test --release --target ${{ matrix.target }} --all-features
diff --git a/.github/workflows/p256.yml b/.github/workflows/p256.yml
@@ -81,38 +81,37 @@ jobs:
       - run: cargo test --release --target ${{ matrix.target }}
       - run: cargo test --release --target ${{ matrix.target }} --all-features
 
-# TODO(tarcieri): re-enable when new `elliptic-curve` and `ecdsa` crates are released
-#  cross:
-#    strategy:
-#      matrix:
-#        include:
-#          # ARM32
-#          - target: armv7-unknown-linux-gnueabihf
-#            rust: 1.56.0 # MSRV
-#          - target: armv7-unknown-linux-gnueabihf
-#            rust: stable
-#
-#          # ARM64
-#          - target: aarch64-unknown-linux-gnu
-#            rust: 1.56.0 # MSRV
-#          - target: aarch64-unknown-linux-gnu
-#            rust: stable
-#
-#          # PPC32
-#          - target: powerpc-unknown-linux-gnu
-#            rust: 1.56.0 # MSRV
-#          - target: powerpc-unknown-linux-gnu
-#            rust: stable
-#
-#    runs-on: ubuntu-latest
-#    steps:
-#      - uses: actions/checkout@v2
-#      - run: ${{ matrix.deps }}
-#      - uses: actions-rs/toolchain@v1
-#        with:
-#          profile: minimal
-#          toolchain: ${{ matrix.rust }}
-#          target: ${{ matrix.target }}
-#          override: true
-#      - run: cargo install cross
-#      - run: cross test --release --target ${{ matrix.target }} --all-features
+  cross:
+    strategy:
+      matrix:
+        include:
+          # ARM32
+          - target: armv7-unknown-linux-gnueabihf
+            rust: 1.56.0 # MSRV
+          - target: armv7-unknown-linux-gnueabihf
+            rust: stable
+
+          # ARM64
+          - target: aarch64-unknown-linux-gnu
+            rust: 1.56.0 # MSRV
+          - target: aarch64-unknown-linux-gnu
+            rust: stable
+
+          # PPC32
+          - target: powerpc-unknown-linux-gnu
+            rust: 1.56.0 # MSRV
+          - target: powerpc-unknown-linux-gnu
+            rust: stable
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - run: ${{ matrix.deps }}
+      - uses: actions-rs/toolchain@v1
+        with:
+          profile: minimal
+          toolchain: ${{ matrix.rust }}
+          target: ${{ matrix.target }}
+          override: true
+      - run: cargo install cross
+      - run: cross test --release --target ${{ matrix.target }} --all-features
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -7,6 +7,3 @@ members = [
     "p256",
     "p384",
 ]
-
-[patch.crates-io]
-ecdsa = { git = "https://github.com/RustCrypto/signatures.git" }
diff --git a/bp256/Cargo.toml b/bp256/Cargo.toml
@@ -17,7 +17,7 @@ elliptic-curve = { version = "0.11", default-features = false, features = ["hazm
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies
-ecdsa = { version = "=0.13.0-pre", optional = true, default-features = false, features = ["der"] }
+ecdsa = { version = "0.13", optional = true, default-features = false, features = ["der"] }
 sha2 = { version = "0.9", optional = true, default-features = false }
 
 [features]
diff --git a/bp384/Cargo.toml b/bp384/Cargo.toml
@@ -17,7 +17,7 @@ elliptic-curve = { version = "0.11", default-features = false, features = ["hazm
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies
-ecdsa = { version = "=0.13.0-pre", optional = true, default-features = false, features = ["der"] }
+ecdsa = { version = "0.13", optional = true, default-features = false, features = ["der"] }
 sha2 = { version = "0.9", optional = true, default-features = false }
 
 [features]
diff --git a/k256/Cargo.toml b/k256/Cargo.toml
@@ -23,15 +23,15 @@ elliptic-curve = { version = "0.11", default-features = false, features = ["hazm
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies
-ecdsa-core = { version = "=0.13.0-pre", package = "ecdsa", optional = true, default-features = false, features = ["der"] }
+ecdsa-core = { version = "0.13", package = "ecdsa", optional = true, default-features = false, features = ["der"] }
 hex-literal = { version = "0.3", optional = true }
 sha2 = { version = "0.9", optional = true, default-features = false }
 sha3 = { version = "0.9", optional = true, default-features = false }
 
 [dev-dependencies]
 blobby = "0.3"
 criterion = "0.3"
-ecdsa-core = { version = "=0.13.0-pre", package = "ecdsa", default-features = false, features = ["dev"] }
+ecdsa-core = { version = "0.13", package = "ecdsa", default-features = false, features = ["dev"] }
 hex-literal = "0.3"
 num-bigint = "0.4"
 num-traits = "0.2"
diff --git a/k256/src/ecdsa/sign.rs b/k256/src/ecdsa/sign.rs
@@ -19,8 +19,8 @@ use elliptic_curve::{
     ops::{Invert, Reduce},
     rand_core::{CryptoRng, RngCore},
     subtle::{Choice, ConstantTimeEq},
-    zeroize::Zeroize,
-    IsHigh,
+    zeroize::{Zeroize, Zeroizing},
+    Curve, IsHigh, PrimeField, ScalarCore,
 };
 
 #[cfg(any(feature = "keccak256", feature = "sha256"))]
@@ -107,12 +107,18 @@ where
     D: BlockInput + FixedOutput<OutputSize = U32> + Clone + Default + Reset + Update,
 {
     fn try_sign_digest(&self, msg_digest: D) -> Result<recoverable::Signature, Error> {
-        let ephemeral_scalar = rfc6979::generate_k(&self.inner, msg_digest.clone(), &[]);
+        let x = Zeroizing::new(ScalarCore::from(self.inner));
         let msg_scalar = Scalar::from_be_bytes_reduced(msg_digest.finalize_fixed());
-        let (signature, recid) = self
-            .inner
-            .try_sign_prehashed(**ephemeral_scalar, msg_scalar)?;
-
+        let k = Zeroizing::new(
+            NonZeroScalar::from_uint(*rfc6979::generate_k::<D, _>(
+                x.as_uint(),
+                &Secp256k1::ORDER,
+                &msg_scalar.to_repr(),
+                &[],
+            ))
+            .unwrap(),
+        );
+        let (signature, recid) = self.inner.try_sign_prehashed(**k, msg_scalar)?;
         let recoverable_id = recid.ok_or_else(Error::new)?.try_into()?;
         recoverable::Signature::new(&signature, recoverable_id)
     }
@@ -144,12 +150,18 @@ where
         let mut added_entropy = FieldBytes::default();
         rng.fill_bytes(&mut added_entropy);
 
-        let ephemeral_scalar = rfc6979::generate_k(&self.inner, msg_digest.clone(), &added_entropy);
+        let x = Zeroizing::new(ScalarCore::from(self.inner));
         let msg_scalar = Scalar::from_be_bytes_reduced(msg_digest.finalize_fixed());
-        let (signature, recid) = self
-            .inner
-            .try_sign_prehashed(**ephemeral_scalar, msg_scalar)?;
-
+        let k = Zeroizing::new(
+            NonZeroScalar::from_uint(*rfc6979::generate_k::<D, _>(
+                x.as_uint(),
+                &Secp256k1::ORDER,
+                &msg_scalar.to_repr(),
+                &added_entropy,
+            ))
+            .unwrap(),
+        );
+        let (signature, recid) = self.inner.try_sign_prehashed(**k, msg_scalar)?;
         let recoverable_id = recid.ok_or_else(Error::new)?.try_into()?;
         recoverable::Signature::new(&signature, recoverable_id)
     }
diff --git a/p256/Cargo.toml b/p256/Cargo.toml
@@ -21,13 +21,13 @@ elliptic-curve = { version = "0.11", default-features = false, features = ["hazm
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies
-ecdsa-core = { version = "=0.13.0-pre", package = "ecdsa", optional = true, default-features = false, features = ["der"] }
+ecdsa-core = { version = "0.13", package = "ecdsa", optional = true, default-features = false, features = ["der"] }
 hex-literal = { version = "0.3", optional = true }
 sha2 = { version = "0.9", optional = true, default-features = false }
 
 [dev-dependencies]
 blobby = "0.3"
-ecdsa-core = { version = "=0.13.0-pre", package = "ecdsa", default-features = false, features = ["dev"] }
+ecdsa-core = { version = "0.13", package = "ecdsa", default-features = false, features = ["dev"] }
 hex-literal = "0.3"
 proptest = "1.0"
 rand_core = { version = "0.6", features = ["getrandom"] }
diff --git a/p384/Cargo.toml b/p384/Cargo.toml
@@ -13,7 +13,7 @@ edition = "2021"
 rust-version = "1.56"
 
 [dependencies]
-ecdsa = { version = "=0.13.0-pre", optional = true, default-features = false, features = ["der"] }
+ecdsa = { version = "0.13", optional = true, default-features = false, features = ["der"] }
 elliptic-curve = { version = "0.11", default-features = false, features = ["hazmat", "sec1"] }
 sec1 = { version = "0.2", default-features = false }
 sha2 = { version = "0.9", optional = true, default-features = false }

Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,3 @@ members = [`
`7`	`7`	`"p256",`
`8`	`8`	`"p384",`
`9`	`9`	`]`
`10`		`-`
`11`		`-[patch.crates-io]`
`12`		`-ecdsa = { git = "https://github.com/RustCrypto/signatures.git" }`